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DETAILED ACTION 
Response to Amendment 

1 . This Office Action is response to amendment filed on 12/9/2005. 

2. Applicant's amendments to claims 1, 22, and 43 are acknowledged. Consequently, claims 
49 - 5 1 have been added, claims 1 - 5 1 are currently pending for further execution processing. 
An IDS filed 12/21/05 have been considered. 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

4. Claims 1 - 51 are rejected under 35 U.S.C. 103(a) as being unpatentable over Cohen et al 
(U.S. 6,178,5 1 1) in view of Prasanta Behera (U.S. 6,535,879). 

♦ As per claim 1, 22, 43, 

Cohen discloses a method for managing user schemas in a distributed computing system, 
comprising: 

- " Creating a first global user identification for a first user" See Fig. 10, col. 8, lines 41 - 
46, 63 - 67. The first global user identification corresponds to user A' identification. 

- This is the global identification because the information about the user (Personal Key 
manager) is stored in a global database (col. 4, lines 61-64, col. 5, lines 16-21) 
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- " Creating a second global user identification for a second user" See Fig. 10 5 col. 8, lines 
41 - 46, 63 - 67. The second global user identification corresponds to user B or X' 
identification. 

- " Creating a local user schema at a network node" the local user schema corresponds to 
the information that stored in a second database, called Configuration Information 
Manager (CM) (See col. 5, lines 22 - 27). Some example of the content of C1M is 
described in col. 5, lines 59 - col. 6, lines 7. 

- " The local user schema accessible by the first and the second users" See col. 5, lines 59 - 
col. 6, lines 7, and col. 5, lines 21-29. Both first and second users can access 
information in the second database from the local machine. 

- " Mapping the first global user identification to the local user schema" See Fig. 7-8, col. 
7, lines 11-17. 

- " Mapping the second global user identification to the local user schema" See Fig. 7-8, 
col. 7, lines 11-17. 

- "When the first user logs into the network node, assigning the local user schema to the 
first user with a first user role; when the second user logs into the network node, 
assigning the local user schema to the second user with a second user role" 

Cohen teaches that the CIM may include, for example, the application type, and specific 
information that can be used to allow that user to access the information. Cohen also teaches that 
the PKM is mapped to a set of remote procedure calls on each client machine. Those remote 
procedure calls have different protection levels and different properties (col. 9, lines 24 - 28, 
Cohen). Cohen does not clearly disclose that "a scope of the privilege for the first user is based at 
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least partially on the first user role, and a scope of the privilege for the second user is based at 
least partially on the second user role". In other words, Cohen does not implicitly teach that a 
multiple users can be associated with a same role. 

However, Behera, on the other hand, discloses a method for access control via properties 
system that stored the access schema/role associated with an Access control List (See col. 4, 
lines 45 - 46). Behera teaches that the system would allow access based on role (col. 3, lines 44 - 
45), and allow users to access to the same information if they have the same properties (col. 3, 
lines 50 - 52). In addition, Behera teaches that users in the same department can access to each 
other information since they have the same role. This teaching is same as claim invention. 
Therefore, it would have been obvious to one with ordinary skill in the art at the time the 
invention was made to modify the CIM data of Cohen to include the access schema as described 
in Behera invention because the teaching would provide more security in protecting the data 
using different roles for different users. As the result, the local user schema in Cohen (specific 
information, or information) also contains the information or data that the user can be accessed 
based on user privilege. 

- " Wherein the first user and the second user have different privileges on the network 
node" see col. 3, lines 38 - 45, Behera. 

♦ As per claims 2, 23, 44, the combination of Cohen and Behera disclose: 

- " The method of claim 1 in which the first and second global user identifications are 
stored in a directory" col. 11, lines 54 - 56, Cohen. 

♦ As per claims 3, 24, the combination of Cohen and Behera disclose: 
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- " The method of claim 2 in which the directory comprises a LDAP directory" See col. 3, 
lines 9-30, Behera. 

♦ As per claims 4, 25, 45, the combination of Cohen and Behera disclose: 

- " The method of claim 1 in which the network node is a database server" See Fig. 1, col. 
3, lines 60 67, Cohen. 

♦ As per claims 5, 26, the combination of Cohen and Behera disclose: 

- " The method of claim 1 in which a data object maps the first global user identification to 
the local user schema" See Fig. 7-8, col. 7, lines 11-17, col. 9, lines 24 - 28, Cohen. 

♦ As per claims 6 - 7, 27 - 28, 47, the combination of Cohen and Behera disclose: 

- " The method of claim 5 in which the data object specifically maps only the first global 
user identification to the local user schema" Because this process is applied for a single 
user, therefore, the data object specifically maps only the first global user identification to 
the local user schema. 

♦ As per claims 8 - 9, 29 - 30, 48, the combination of Cohen and Behera disclose: 

- " The method of claim 5 in which the data object potentially maps multiple users to the 
local user schema", "The method of claim 8 in which the data object maps based upon a 
partial identification of the users" See col. 4, lines 40 - 44, Behera. 

♦ As per claims 10 - 1 1, 31 - 32, the combination of Cohen and Behera disclose: 

- " The method of claim 5 in which the data object maps based upon a specific computer 
node", "The method of claim 10 in which the data object resides in a directory beneath an 
associated server object" See col. 6, lines 38-42, Cohen. 

♦ As per claims 12 - 13, 33 - 34, the combination of Cohen and Behera disclose: 
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- " The method of claim 5 in which the data object maps based upon a domain", "The 
method of claim 12 in which the data object resides beneath a domain object" See col. 4 5 
lines 52 - 53, 64 - col. 5, lines 2, Cohen. 

♦ As per claims 14, 35, 46, the combination of Cohen and Behera disclose: 

- " The method of claim 1 in which the first user role and the second user role are 
different" See col. 3, lines 38 - 45, Behera. 

♦ As per claims 15, 36, the combination of Cohen and Behera disclose: 

- " The method of claim 1 in which privileges associated with the local schema are 
assigned to the first and second users" See col. 4, lines 45 - 46, Behera. 

♦ As per claims 16, 37, the combination of Cohen and Behera disclose: 

- " The method of claim 1 in which an entry-level mapping object maps a specific user and 
in which a sub tree-level mapping object potentially maps multiple users based upon a 
partial match of user identifications, wherein the entry-level mapping object takes 
precedence over the sub tree-level mapping object" See Fig. 6, Behera. 

♦ As per claims 17, 38, the combination of Cohen and Behera disclose: 

- " The method of claim 1 in which an server mapping object and a domain mapping object 
both map a user, wherein the server mapping object takes precedence over the domain 
mapping object" Fig. 6, col.4, lines 63 - col. 5, lines 4, Behera. 

♦ As per claims 18 - 19, 39 - 40, the combination of Cohen and Behera disclose: 

- " The method of claim 1 in which a record is maintained to track mappings to the local 
user schema that provides an audit trail corresponding to the first and second users. The 
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method of claim 18 in which the record distinguished between mappings for the first and 
second users" See fig. 5, Cohen. 

♦ As per claims 20 - 21, 41 - 42, the combination of Cohen and Behera disclose: 

- " The method of claim 1 further comprising the act of creating a local mapping at the 
network node, in which the first user is mapped to the local schema only if the local 
mapping does not contain a mapping for the first user" See col. 5, lines 6 - 67, Cohen. 

- The method of claim 1 further comprising the act of creating a non-shared schema at the 
network node, the local user schema being a shared schema at the network node, in which 
the first user is mapped to the shared schema only if the first user is not mapped to the 
non-shared schema" See col. 5, lines 49 - 58, Cohen. 

♦ As per claims 49 - 51, the combination of Cohen and Behera disclose: 

- " Wherein the scope of privilege for the first user and the scope of privilege for the 
second user are based also on the local user schema" see col. 3, lines 38 - 45, Behera. 
"The scope of privilege" sees col. 3, lines 38 - 39 of Behera. 

Response to Arguments 
5. Applicant's arguments filed 12/9/05 have been fully considered but they are not 
persuasive. 

Applicant argues that Behera does not disclose assigning the same local user schema to different 
users with different roles. The Examiner respectfully disagrees. 
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As disclosed above, Behera allows users to access to the same information (local user schema) 
based on privilege (col. 3, lines 38 - 39 of Behera). Therefore, the combination of Cohen and 
Behera disclose the claim limitation. 



Conclusion 

6. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

7. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to CamLinh Nguyen whose telephone number is (571) 272 - 4024. 
The examiner can normally be reached on Monday-Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Safet Metjahic can be reached on (571) 272 - 4023. The fax phone number for the 
organization where this application or proceeding is assigned is 571 - 273 - 8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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